From bcbc9eca11583426d9b0e7ce4d4e51b16bda32f0 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 29 May 2019 16:22:11 +0200
Subject: [PATCH 008/187] s3:rpc_client: Return NTSTATUS for
 init_samr_CryptPassword()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4b9b1dbe9c8c988a39b1318a4f7aac031bc1ea8b)
---
 source3/lib/netapi/user.c      |  9 ++++++---
 source3/libnet/libnet_join.c   | 10 +++++++---
 source3/rpc_client/init_samr.c | 14 ++++++++++----
 source3/rpc_client/init_samr.h |  6 +++---
 source3/rpcclient/cmd_samr.c   |  5 ++++-
 source3/utils/net_rpc.c        |  9 ++++++---
 6 files changed, 36 insertions(+), 17 deletions(-)

diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c
index 4b66dab2f99..2136ef47ee6 100644
--- a/source3/lib/netapi/user.c
+++ b/source3/lib/netapi/user.c
@@ -326,9 +326,12 @@ static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx,
 
 			user_info.info23.info = info21;
 
-			init_samr_CryptPassword(uX->usriX_password,
-						session_key,
-						&user_info.info23.password);
+			status = init_samr_CryptPassword(uX->usriX_password,
+							 session_key,
+							 &user_info.info23.password);
+			if (!NT_STATUS_IS_OK(status)) {
+				return status;
+			}
 
 			status = dcerpc_samr_SetUserInfo2(b, talloc_tos(),
 							  user_handle,
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 9d4f656ffec..abf8672d050 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1570,9 +1570,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 
 		/* retry with level 24 */
 
-		init_samr_CryptPassword(r->in.machine_password,
-					&session_key,
-					&crypt_pwd);
+		status = init_samr_CryptPassword(r->in.machine_password,
+						 &session_key,
+						 &crypt_pwd);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto error;
+		}
 
 		user_info.info24.password = crypt_pwd;
 		user_info.info24.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON;
@@ -1584,6 +1587,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 						  &result);
 	}
 
+error:
 	old_timeout = rpccli_set_timeout(pipe_hnd, old_timeout);
 
 	if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
index d116ece576f..8b41ec2f10f 100644
--- a/source3/rpc_client/init_samr.c
+++ b/source3/rpc_client/init_samr.c
@@ -81,12 +81,18 @@ out:
  inits a samr_CryptPassword structure
  *************************************************************************/
 
-void init_samr_CryptPassword(const char *pwd,
-			     DATA_BLOB *session_key,
-			     struct samr_CryptPassword *pwd_buf)
+NTSTATUS init_samr_CryptPassword(const char *pwd,
+				 DATA_BLOB *session_key,
+				 struct samr_CryptPassword *pwd_buf)
 {
 	/* samr_CryptPassword */
+	bool ok;
 
-	encode_pw_buffer(pwd_buf->data, pwd, STR_UNICODE);
+	ok = encode_pw_buffer(pwd_buf->data, pwd, STR_UNICODE);
+	if (!ok) {
+		return NT_STATUS_INTERNAL_ERROR;
+	}
 	arcfour_crypt_blob(pwd_buf->data, 516, session_key);
+
+	return NT_STATUS_OK;
 }
diff --git a/source3/rpc_client/init_samr.h b/source3/rpc_client/init_samr.h
index 223fa91e3d9..4214ab55a04 100644
--- a/source3/rpc_client/init_samr.h
+++ b/source3/rpc_client/init_samr.h
@@ -25,8 +25,8 @@
 void init_samr_CryptPasswordEx(const char *pwd,
 			       DATA_BLOB *session_key,
 			       struct samr_CryptPasswordEx *pwd_buf);
-void init_samr_CryptPassword(const char *pwd,
-			     DATA_BLOB *session_key,
-			     struct samr_CryptPassword *pwd_buf);
+NTSTATUS init_samr_CryptPassword(const char *pwd,
+				 DATA_BLOB *session_key,
+				 struct samr_CryptPassword *pwd_buf);
 
 #endif /* _RPC_CLIENT_INIT_SAMR_H_ */
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 8cbf8ab24bd..ccaec1ada40 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -3063,7 +3063,10 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
 		return status;
 	}
 
-	init_samr_CryptPassword(param, &session_key, &pwd_buf);
+	status = init_samr_CryptPassword(param, &session_key, &pwd_buf);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
 	init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex);
 	nt_lm_owf_gen(param, nt_hash, lm_hash);
 
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index a56190f7be5..f6fb892a2d9 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -6195,9 +6195,12 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
 
 		ZERO_STRUCT(info.info23);
 
-		init_samr_CryptPassword(argv[1],
-					&session_key,
-					&crypt_pwd);
+		status = init_samr_CryptPassword(argv[1],
+						 &session_key,
+						 &crypt_pwd);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto done;
+		}
 
 		info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS |
 						  SAMR_FIELD_NT_PASSWORD_PRESENT;
-- 
2.23.0